BSD Commit Log Search

   Only send exported variables (from OpenBSD):
   https://www.openwall.com/lists/oss-security/2026/03/13/1

libopeninput: update to latest version

   doc: Updated net/mikutter to 5.1.1nb7

   mikutter: apply upstream patch for pango rendering

   Bump PKGREVISION.

   doc: Updated net/ruby-public_suffix to 7.0.5

   ruby-public_suffix: update to 7.0.5

   Upstream changes (from CHANGELOG.md):

   7.0.5 - 2026-03-03

    Fixed

     - Fix release crash caused by unconditional rubocop/yard requires
       in Rakefile.

   7.0.4 - 2026-03-03

    Fixed

     - Fix release workflow.

   7.0.3 - 2026-03-03


    [3 lines not shown]

chromium: update to 146.0.7680.75

   doc: Updated net/ruby-addressable to 2.8.9

   ruby-addressable: update to 2.8.9

   Upstream changes:
    https://github.com/sporkmonger/addressable/blob/addressable-2.8.9/CHANGELOG.md

   Addressable 2.8.9

     * Reduce gem size by excluding test files (#569)
     * No need for bundler as development dependency (#571, 5fc1d93)
     * idna/pure: stop building the useless COMPOSITION_TABLE (removes the
       Addressable::IDNA::COMPOSITION_TABLE constant) (#564)

   doc: Updated sysutils/intel-microcode-netbsd to 20260227

   Update sysutils/intel-microcode-netbsd to 20260227

   ### Purpose
   - Update for functional issues. Refer to Intel Xeon 6700P-B/6500P-B-Series SoC
     with P-Cores] for details.


   ### Updated Platforms

   | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
   |:---------------|:---------|:------------|:---------|:---------|:---------
   | GNR-D          | B0/B1    | 06-ae-01/97 | 010002f3 | 01000303 | Xeon 6700P-B/6500P-B Series SoC with P-Cores

   doc: Updated sysutils/intel-microcode-netbsd to 20260210-rev1.

   Update sysutils/intel-microcode-netbsd to 20260210-rev1

   ### Purpose
   - Updated security updates for INTEL-SA-01083 originally published on
     Aug 13, 2024
   - Security updates for INTEL-SA-01396
   - Update for functional issues. Refer to 10th Gen Intel Core Processor Families
     Specification Update for details.
   - Update for functional issues. Refer to 11th Gen Intel Core Processor
     Specification Update for details.
   - Update for functional issues. Refer to 12th Generation Intel Core Processor
     Family for details.
   - Update for functional issues. Refer to 13th Generation Intel Core Processor
     Specification Update for details.
   - Update for functional issues. Refer to 13th/14th Gen Intel Core Processor
     Specification Update for details.
   - Update for functional issues. Refer to 3rd Generation Intel Xeon Processor
     Scalable Family Specification Update for details.
   - Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors

    [59 lines not shown]

   Updated devel/py-nose2

   py-nose2: updated to 0.16.0

   0.16.0 (2026-03-01)

   Added

   * Added official support for Python 3.14.

   Changed

   * ``nose2`` now explicitly uses a multiprocessing context for the ``mp`` plugin,
     which ensures that it is isolated from any multiprocessing settings used by
     applications under test. This ensures that the ``fork`` start method is always
     used on POSIX systems. ``spawn`` is used on Windows. Thanks
     :user:`JimmyDurandWesolowski` and :user:`airtower-luna`!

   Deprecated

   * The ``coverage`` plugin is now deprecated, and is no longer tested on newer

    [5 lines not shown]

   Updated math/py-simpleeval, textproc/py-phonenumbers

   py-phonenumbers: updated to 9.0.26

   9.0.26
   Unknown changes

   py-simpleeval: updated to 1.0.5

   1.0.5

   Fixes Security issues with "dangerous" modules & functions leaking through as attributes of other names, see:

   GHSA-44vg-5wv2-h2hg

webkit-gtk: try to build on Darwin

   doc/TODO: webkit-gtk updated in wip.

webkit-gtk: update to 2.50.6.

Seems more stable, still crashes though.

   Updated security/py-cyclonedx-bom, www/py-scrapy

   py-scrapy: updated to 2.14.2

   Scrapy 2.14.2 (2026-03-12)

   Security bug fixes

   -   Values from the ``Referrer-Policy`` header of HTTP responses are no longer
       executed as Python callables. See the `cwxj-rr6w-m6w7`_ security advisory
       for details.

       .. _cwxj-rr6w-m6w7: https://github.com/scrapy/scrapy/security/advisories/GHSA-cwxj-rr6w-m6w7

   -   In line with the `standard
       <https://fetch.spec.whatwg.org/#http-redirect-fetch>`__, 301 redirects of
       ``POST`` requests are converted into ``GET`` requests.

       Converting to a ``GET`` request implies not only a method change, but also
       omitting the body and ``Content-*`` headers in the redirect request. On
       cross-origin redirects (for example, cross-domain redirects), this is

    [48 lines not shown]

   py-cyclonedx-bom: updated to 7.2.2

   7.2.2
   Documentation
   - Modernize RTF setup

   nodejs20: remove commented-out section

   doc: Updated comms/libhidapi to 0.15.0

   libhidapi: update to 0.15.0

   pkgsrc changes:

    - add PLIST_VARS for libhidapi-netbsd (NetBSD HID native backend)
    - pull iconv(3) const check from libusb version
    - check both addr 0 and 1 on enumerating devices (see NetBSD PR/60073)

   Upstream changes:
    https://github.com/libusb/hidapi/releases/tag/hidapi-0.15.0

   general: Add hid_send_output_report() (#677)
   general: Add hid_read_error() (#721)

   winapi: add hid_winapi_set_write_timeout (#700)
   winapi: improvements for hid_get_report_descriptor/hid_winapi_descriptor_reconstruct_pp_data (#707)

   hidraw: report only Top-Level Usage_page/Usage pairs as 'unique' devices (#601)


    [8 lines not shown]

   Updated lang/nodejs20, devel/capnproto

   capnproto: updated to 1.4.0

   1.4.0
   Unknown changes

   nodejs20: updated to 20.20.1

   20.20.1 'Iron' (LTS)
   Notable Changes

   - build: test on Python 3.14 (Christian Clauss)
   - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot)
   - crypto: update root certificates to NSS 3.117